Stdout cannot be piped to a StringIO. You need to open a unix PIPE. There are two reasons for this. The code runs in a child process, so you need to use and IPC mechanism, and a string IO is not recognized as a file at the C level

Soon:

Getting rid of SAFE level 3, and moving everything into the kernel space. cgroups sounds hopeful here. As does more rlimit stuff

Performance:

RubyMonk is backed by an code evaluation server that uses secure gem in the backend. A single small (EC2) instance was able to consistently handle 150 code evaluation requests per minute, and we were able to horizontally scale when load went above this. YMMV

Contributing:

Feel free to file bugs. However, if it is a security issue, we appreciate it if you shoot me a mail at tejas@c42.in before you file a bug.